Mobile malware hiding in fake versions of popular apps such as TuneIn Radio and Football Manager is secretly mining crypocurrencies like bitcoin, dogecoin and litecoin.
The malware is hidden within the fake apps' software code and is secretly activated when the phone is plugged in to recharge, connecting to special mining pools which work together to mine various types of cryptocurrency. The official versions of the apps avaialble through the Play Store remain unaffected.
While these apps were initially found in unofficial, third-party app stores, the same malware - based on the well-known cpuminer software - has been discovered this week by security firm Trend Micro in two apps within the official Google Play Store.
The apps are Songs (downloaded between one and five million times) and Prized (downloaded between 10,000 and 50,000 times), though the latter has been removed from the app store since a blog post by Trend Micro Mobile Threats Analyst Veo Zhang.
Bitcoin, litecoin, dogecoin
The apps had been tweaked so that the mining software would only kick in when the phone was being charged, meaning users wouldn't spot the obvious battery drain, however as Zhang points out "users will also quickly notice the odd behavior of the miners – slow charging and excessively hot phones will all be seen, making the miner's presence not particularly stealthy."
These apps can be used to mine several different cryptocurrencies though considering how much processing power it requires to mine bitcoin these days, it is unlikely the criminals using the malware will be targeting this digital currency.
Also this week, researchers at mobile security specialists Lookout have discovered several versions of a malware family called CoinKrypt in Spanish forums dedicated to the distribution of pirated software, which has been recorded targeting the litecoin, dogecoin and casinocoin currencies.
Smartphone CPUs and GPUs these days may be more powerful that ever before, but unlike powerful desktops - or even specially-built mining rigs - smartphones simply don't have the power to effectively mine bitcoin.
As Zhang points out: "Clever as the attack is, whoever carried it out may not have thought things through. Phones do not have sufficient performance to serve as effective miners."
Lookout's researchers share this opinion but warn the trend for such malware points to a bigger problem with Android:
"While Lookout does not believe that the CoinKrypt authors will receive a significant ROI, the find is indicative of a wider trend of malware authors experimenting with various strategies designed to cash in on the growth of digital currencies."
This type of malware may not be stealing money directly from smartphone users or accessing their personal information, but the increased stress on your phone or tablet's processor will lead to shorter battery life, increased wear and tear and could lead to a shorter device lifespan.